Tag: container-security

Cyber security is no longer a luxury. If you need a reminder of that, just take a look at the seemingly endless number of stories appearing in the news lately about things like malware and security breaches.

If you manage a Docker environment, and you want to help make sure your organization or users are not mentioned in the news stories that accompany the next big breach, you should know the tools available to you for helping to secure the Docker stack, and put them to work. This post identifies the Docker security tools available (both native ones from Docker itself and third-party options) that can help to secure your Docker containers.

Your storage system should be locked down with all security and access control tools available to you as well. That is true whether the storage serves containers or any other type of application environment.

How do you secure containers? That may sound like a simple question, but it actually has a six- or seven-part answer.

That’s because securing containers doesn’t involve just deploying one tool or paying careful attention to one area where vulnerabilities can exist. Because a containerized software stack involves so many different components, you need to secure many different layers. The tools designed to help you harden one part of your environment won’t protect other segments.

Commercial security tools do exist, and are designed to provide relatively comprehensive security or container environments. They are good tools, and they can certainly be useful parts of a container security strategy, but they have their limitations. To be truly secure, you need to analyze each of the layers in your stack, and be sure that they are covered adequately by the security tools or processes you put in place.

This post helps you plan a complete container security strategy by outlining all of the layers you need to secure, and explaining the primary considerations to keep in mind when securing each one. Read more

DevOps can now efficiently and securely deploy containers for enterprise applications

As more enterprises move to a container-based application deployment model, DevOps teams are discovering the need for management and orchestration tools to automate container deployments. At the same time, production deployments of containers for business critical applications require specialized container-intelligent security tools.

To address this, Rancher Labs and NeuVector today announced that they have partnered to make container security as easy to deploy as application containers. You can now easily deploy the NeuVector container network security solution with the Rancher container management platform. The first and only container network security solution in the Rancher application catalog, the addition of NeuVector provides simple deployment of the NeuVector containers into an enterprise container environment. Read more

MongoDB, the popular open source NoSQL database, has been in the news a lot recently—and not for reasons that are good for MongoDB admins. Early this year, reports began appearing of MongoDB databases being “taken hostage” by attackers who delete all of the data stored inside the databases, then demand ransoms to restore it.

Security is always important, no matter which type of database you’re using. But the recent spate of MongoDB attacks makes it especially crucial to secure any MongoDB databases that you may use as part of your container stack.

This article explains what you need to know to keep MongoDB secure when it is running as a container. We’ll go over how to close the vulnerability behind the recent ransomware attacks using a MongoDB container while the container is running—as well as how to modify a MongoDB Dockerfile to change the default behavior permanently. Read more